0
I have a php code that makes a request with Curl on a page, but it saves cookies in a cookies.txt text file, and anyone can have access to that file in a direct link "www.meusite.com.br/cookies.txt" I wonder how to hide this, because the security of my application will be at risk if someone finds this file.
1
There are already a number of posts on the site about how to block an external client from accessing a file.
For example, if it is an Apache server:
Best thing would be to change the path where the file is saved by putting it out of the root of your hosting (for example, out of the directory httpdocs or equivalent):
curl_setopt( $curl_handle, CURLOPT_COOKIEJAR, caminho );
curl_setopt( $curl_handle, CURLOPT_COOKIEFILE, caminho );
CURLOPT_COOKIEFILE is the way where the cookies are stored and read during normal use.
CURLOPT_COOKIEJAR is the way where the cookies are stored after calling the Cleanup .
See the Curl options for PHP in the manual:
Browser other questions tagged php javascript html curl cookies
You are not signed in. Login or sign up in order to post.
Thanks more seems to me that even so with a scanner it is possible to find this cookie file on my site
– Estudante PHP
But I am passing this so you can put the files OUT of the site. I edited the post to make it clearer. If you just want to block the files, there are already answers on the site. If you are apache, just search for . htaccess
– Bacco
Thank you I will inform me more about :)
– Estudante PHP